Post navigation

Why I Preordered An Acer C720 Chromebook

A lot of people aren’t super into Chrome OS, but I personally think it’s a great operating system for netbooks. They’re light as hell on your resources and Chrome OS is arguably the most secure consumer operating system around.

So, why did I buy the Chromebook?

The Hardware

The Chromebook has somedecent specs for the price (270 dollars after everything),

Now, this is not the most powerful device in the world. Intel really screwed up in my opinion when they left AVX and AES-IN instructions out of this CPU, but it’s still not weak at all. 4GB of RAM is definitely adequate for browsing and using many apps. A decent screen, and a SSD.

The hardware is really quite decent for a netbook, certainly for the price (comparable ACER notebooks are the same price). There’s also a really great battery life – 8.5 hours, and in my experience Chromebooks typically get as good or better battery life than advertised.

This is perfect for travel or going to my classes, which is 99% of the workload it’ll get.

The Software

Chrome OS is a really cool operating system. In my opinion, it’s the ideal operating system for a netbook. Whereas other operating systems will boot up taking 1GB of RAM, or more, just for the OS itself, ChromeOS (last I checked) boots with under 100MB usage. It’s a very stripped down and optimized Linux system, booting in just a few seconds. The hardware is completely dedicated to the operating system, so even though the specs aren’t very powerful, they’re not going to waste time on anything.

Chrome OS is easily the most secure operating system in terms of protecting the user from infection or exploitation. The Chrome sandbox on Linux is something I’ve written about in the past and I feel very confident in its security. As I’ve recently written about, Native Client apps, which allow for very low level and powerful programs to run on your Chromebook, are also placed into a sandbox.

On the topic of Native Client, I think it could be huge for Chromebooks. Right now many apps are glorified bookmarks – you click them, they take you to a site, and that’s it. Once Portable Native Client is released in Chrome 31 developers will have the tools to port projects that already exist over to ChromeOS with ease. LastPass has already started work on a Native Client binary plugin, and other projects can potentially be ported.

I’ll also be able to use my Chromebook to control other computers I own that run Chrome via the Chrome Remote Desktop plugin. That means that, should anything arise that my Chromebook can’t handle, I can simply control a system that I own that can handle the task.

The majority of the Chromebook usage is going to be Netflix, Google Docs, and Cloud 9 IDE, but I think I’ll have a lot of fun with it. I may at some point turn on Dev mode and start hacking at the low level stuff, but for the most part I just want a low maintenance system that I can take around with me.

Post navigation

4 thoughts on “Why I Preordered An Acer C720 Chromebook”

I agree with all of this, except I have one problem with the c7. I have a Samsung Chromebook right now, and I love the keyboard. As a student, I need something I am comfortable writing on. However in the few reviews so far of the new Acer Chromebook, the keyboard has been dinged. It is supposedly a bit small, and uncomfortable to type on. I would like to know your thoughts on this.

I’m afraid Chrome OS does not really solve the security issues, it just moves them from one place in the stack to another. In particular, they got better endpoint security by becoming more reliant on transport security.

What they did is basically move all code to the web browser and sandbox it there. Which is nice at a glance, and you cannot gain native code execution privileges or root or anything like that.

However, all the code executed is now obtained over the wire on every launch – over the friggin’ Internet. And security of the Internet is terrible: there are still high-risk attacks out there that have basically no effective countermeasures, just because the Internet was designed that way and there’s nothing you can do about it. For example, there are some partial counter-measures for SSLstrip, but very few people actually apply them, and even for those who do the problem was never completely solved!

Very few people do apply countermeasures to SSLStrip and TLS attacks, but Google is definitely one of the few. They were one of (if not the) first to push HSTS to their services. They’re also going to start enforcing extension verification via hashing.

It is in no means perfect, but I think the research behind their sandboxing is really very cool.